Home / Companies / GitLab / Blog / Post Details
Content Deep Dive

Get the most out of the Checkmarx integration with GitLab

Blog post from GitLab

Post Details
Company
Date Published
Author
Valerie Silverthorne
Word Count
778
Company Posts That Month
29
Language
English
Hacker News Points
-
Post removed?
No
Summary

In the 2020 Global DevSecOps survey, 65% of organizations reported shifting security left, yet fewer than 20% had developers accessing SAST or DAST scans in their pipelines or IDEs. Security professionals expressed frustration over developers finding too few bugs too late. James Brotsos from Checkmarx presented a solution at a virtual user conference, demonstrating the integration of Checkmarx's security testing platform with GitLab using CxFlow, a spring boot application. This integration enables early application security testing directly within the development process, freeing developers to focus on coding while still maintaining governance and scanning capabilities. The customizable integration allows developers to initiate scans via GitLab CI/CD, merge requests, or pushed code, creating an efficient feedback loop without manual intervention. Developers can receive actionable results through various channels like GitLab's security dashboard or Jira, enhancing defect tracking and management. The process involves setting up global variables for Checkmarx server access and separating Checkmarx stages from the existing GitLab CI file to avoid disruption, facilitating quick and automated scanning of multiple repositories with minimal overhead.

Trends Found in this Post

No tracked trend matches for this post yet.

Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.